MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

15.3.10

Updated 15.03.2010New domains have been released and has multi-stage attack whereby you chain multiple websites with malicious content.

The last download a binary called update.exe (19d9cc4d9d512e60f61746ef4c741f09) which is a variant of the trojan ZeuS, which has a high detection rate.

The sequence is as follows:

Original 14.03.2010At this point the "circus", no doubt, as I always say, that ZeuS is the "creme de la creme" current on crimeware.

Some time ago we warned about different campaigns where the employer, in all cases without exception, is the exploitation of social engineering to execute a fraudulent component, and the goal is the theft of sensitive information.

Cases like the previous campaign by using the image of ZeuS Facebook and phishing attacks using popular services such as primary coverage, including IRS, VISA, Google and Blogger, among many others, are concrete examples that demonstrate what is the magnitude of the business ZeuS offers computer criminals.

A few days ago, a new campaign to materialize from the hand of ZeuS, involving a large battery of malicious domains. Among them: